What to do when ESM Server SSL certificate expires

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

What to do when ESM Server SSL certificate expires

L3 Networker

Hi All,

A strange scenario here. It appears my Traps endpoints are no longer connecting to the ESM server because the ESM SSL certificate was due to expire and had to be renewed. It seems renewing the SSL certificate has broken the trust relationship between endpoints and the ESM server. Some output from the endpoint below.

Question: What is the correct procedure to renew SSL certificates for ESM infrastructure without disrupting connectivity between endpoints and ESM

 

Cyvera.Client.Service.Heartbeat.ClosestServerFinder Communication "Failed getting status from server 'https://esm-console.<domain-name>.local:2125/'.

Cyvera.Common.ApiCommunication.Exceptions.ServerCommunicationException: The underlying connection was closed: An unexpected error occurred on a send.

System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.

System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

 

 

1 REPLY 1

L0 Member

Hi.

 

I guess this article will help

 

https://live.paloaltonetworks.com/t5/Endpoint-Articles/Traps-on-the-Endpoint-Security-Manager-Loses-...

 

You have to bind the new certificate to the Traps communication port…

 

Markus

  • 3888 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!